Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Sep 2005
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts

    manage content (passing variables problem?)

    I'm sort of a newbie to both CF.com and PHP, but after reading this article in ALA got inspired to use the code to manage the content on my website.

    Now, my problem is that while the code (see below) works just fine on one server, it does not on another (the one I am using after testing).

    It seems that the problem line would be the following:
    Code:
    <a href="template.php?page=kontakt">
    which refers to this code in the file template.php:
    Code:
    <div class="innhold">
    <?php @ require_once ("$page.php"); ?>
    </div>
    The file "kontakt.php" simply does not show up, even though it should (?).

    Does anyone know what is causing my problems?

    I would be so grateful, this is really causing me some headache!!

    //annama

  • #2
    Regular Coder devinemke's Avatar
    Join Date
    Dec 2004
    Location
    NYC
    Posts
    443
    Thanks
    0
    Thanked 12 Times in 11 Posts
    PHP Code:
    <?php require_once($_GET['page'] . '.php'); ?>
    be advised that it is not the smartest thing to include() or require() scripts based on user input without proper validation

  • #3
    New to the CF scene
    Join Date
    Sep 2005
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts

    thank you!

    Thank you - it works just fine now!
    Not that I know why, but...

  • #4
    raf
    raf is offline
    Master Coder
    Join Date
    Jul 2002
    Posts
    6,589
    Thanks
    0
    Thanked 0 Times in 0 Posts
    if you don't understand that code, then you realy shoudn't use it. escpecially not since it can be a serious security-risk, like devinemke hinted at. more info http://www.codingforums.com/showthre...hlight=exploit

    what you used is a very old article, that was written for an older PHP version when 'register globals' was still ON (more info http://uk.php.net/register_globals ).
    So on the first server, you tried the code, register globals was ON, while on most live servers today, register globals is OFF.
    Posting guidelines I use to see if I will spend time to answer your question : http://www.catb.org/~esr/faqs/smart-questions.html


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •